Facebook passwords are not ‘completely’ case sensitive. You actually have 3 passwords for your Facebook account, including the normal password with which you login.
So what are those other two passwords, apart from the one you know?
- Your actual Facebook password with case reversed.
- Your actual Facebook password with first letter capitalized, this is only available for mobile devices, though.
For example, if your password is “fAcEbOoK’, then “FaCeBoOk” (case reversed) serves as an alternative password.
This also means that if your password is completely in lower case, then you can login to your Facebook account even with Caps Lock on.
If you’re logging into Facebook from a mobile, then if the first letter gets capitalized by mistake, still you can login with no problem.
This is not a bug in Facebook, they intentionally designed in this way. This is not even a security loophole as it’s the same password, what has changed is just the capitalization, so it will take the same number of brute force attacks to crack it.
Source: ZDNet
8 Comments
I see lots of facebook posts now.
That’s incorrect.
I mean, they will be nearly same, because capitalization is the only thing that’s changing. This again depends on the password, if the reverse cased password has equal combination of upper and lower case letters, then the reverse case password may take more time to crack. On an average we can say that, reversing the case doesn’t effect the security.
Well, that’s something I’ve never knew about. Thanks for sharing it.
Wow cool! Nice discovery!
I tried the 1st one but it is not working…
my mistake…typed in wrong password. Its working. Thanks for sharing.